package com.wu.config;

import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import com.wu.realm.AccoutRealm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.HashMap;

@Configuration
public class ShiroConfig {
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(@Qualifier("securityManager") DefaultWebSecurityManager securityManager) {
        ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
        factoryBean.setSecurityManager(securityManager);
        //权限设置
        HashMap<String, String> map = new HashMap<>();
        map.put("/main","authc");//必须登录 authc
        map.put("/manage","perms[manage]"); //必须有某一权限perms
        map.put("/administrator","roles[administrator]");//必须有某一角色roles
        factoryBean.setFilterChainDefinitionMap(map);
        //设置登录界面
        factoryBean.setLoginUrl("/login");
        //4.设置未授权的跳转的页面
        factoryBean.setUnauthorizedUrl("/unauth");
        return factoryBean;
    }

    @Bean
    public DefaultWebSecurityManager securityManager(@Qualifier("accoutRealm") AccoutRealm accoutRealm) {
        DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
        manager.setRealm(accoutRealm); return manager;
    }

    @Bean
    public AccoutRealm accoutRealm(){
        return new AccoutRealm();
    }

    //10 我们要对不同的用户让她登录后，只显示它能操纵的页面，这里被忘了先导入依赖

    @Bean
    public ShiroDialect shiroDialect(){
        return new ShiroDialect();
    }
}
